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This listing of claims will replace till prior versions, and listings, of claims in the 
application: 

Listing or Claims: 

1. (currently amended) A method facilitating deployment of volume-based network 
policies across a computer network, the method comprising the steps of: 

monitoring, over a given time interval, the aggregate volume of data transfer 
corresponding to each user of a plurality of users , wherein the given time interval spans at 
least one week ; 

detecting, for a first user in the plurality of users, a network utilization milestone, 
wherein the network utilization milestone occurs when, within the given time interval, the 
aggregate volume of data transfer associated with the first user crosses a threshold; and 

affecting a characteristic associated with the network access provided to the first 
user identified in the detecting step. 

2. (previously amended) The method of claim 1 wherein the affecting step comprises the 
step of: 

affecting a performance characteristic of the network access provided to the first 
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user identified in the detecting step. 

3. (previously amended) The method of claim 1 wherein the affecting step comprises the 
step of: 

degrading the network access provided to the first user identified in the detecting 

step. 

4. (previously amended) The method of claim 1 wherein the affecting step comprises the 
step of: 

denying further network access to the first user identified In the detecting step. 

5. (previously amended) The method of claim 1 wherein the affecting step comprises the 
step of: 

charging the first user identified in the detecting step for further network access. 

6. (previously amended) The method of claim 1. further comprising the step of 

notifying the first user when the aggregate volume of data transfer associated with, 
the first user approaches the threshold. 

7. (currently amended) The method of claim 1 wherein the detecting step comprises 

comparing the aggregate number of transferred bytes associated with the first user 
over [ja]| the given time interval against a threshold level defining the network utilization 
milestone. 



8. (original) The method of claim 3 wherein network access is degraded only with respect 
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to a predefined set of traffic types. 

9. (original) The method of claim 4 wherein network access Is denied only with respect to 
a predefined set of traffic types. 

10. (original) The method of claim 1 wherein the monitoring step is performed only with 
respect to a predefined set of traffic types. 

11. (currently amended) A method facilitating deployment of volume-based network 
policies across a computer network, the method comprising the steps of 

monitoring, over a given time interval, the aggregate volume of data transfer 
corresponding to each user of a plurality of users within a given time interval, wherein the 
aggregate volume of data transfer characterizes the volume of data corresponding to past 
and current data flows over the given time interval, and wherein the gi ven time interval 
spans at least one week; 

detecting, for a first user in the plurality of users, a network utilization milestone, 
wherein the network utilization milestone occurs when, within the given time interval, the 
aggregate volume of data transfer associated with the first user crosses a threshold; and, 

affecting,, for the remainder of the time interval, a characteristic associated with the 
network access provided to the first user identified in the detecting step. 

12. (previously amended) The method of claim 11 wherein the affecting step comprises 
the step of: 

affecting a performance characteristic of the network access provided to the first 
user identified in the detecting step. 
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13. (previously amended) The method of claim 11 wherein the affecting step comprises 
the step of; 

degrading the network access provided to the first user identified in the detecting 

step. 

14. (previously amended) The method of claim 11 wherein the affecting step comprises 
the step of: 

denying further network access to the first user identified in the detecting step. 

1.5. (previously amended) The method of claim 11 wherein the affecting step comprises 
the step of: 

charging the first user identified in the detecting step for further network access. 

16. (previously amended) The method of claim 11 further comprising the step of 

notifying the first user when the aggregate volume of data transfer associated with 
the first user approaches the threshold. 

17. (previously amended) The method of claim 11 wherein the detecting step comprises 

comparing the aggregate number of transferred bytes associated with the first user 
over a given time interval against a threshold level defining the network utilization 
milestone. 

18. (original) The method of claim 17 wherein the time interval is a fixed time interval 
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19. (original) The method of claim 17 wherein the time interval, is a sliding time interval. 

20. (original) The method of claim 1.3 wherein network access is degraded only with 
respect to a predefined set of traffic types. 

21. (original) The method of claim 14 wherein network access is denied only with respect 
to a predefined set of traffic types. 

22. (currently amended) The method of claim jj i]| 11 wherein the monitoring step is 
performed only with respect to a predefined set of traffic types. 

23. (currently amended) A method facilitating deployment of volume-based network 
policies across a computer network, the method comprising the steps of 

registering a user at a network access device connected to a first computer network, 
the network access device including an IP address; 
associating the IP address with the user; 

providing the user access to a second computer network by changing the 
configuration of a network device in a communication path between the first computer 
network and the second computer network; 

monitoring,, over a given time interval, the aggregate volume of data transfer 
associated with the IP address , wherein, the given lime interval spans at least one week; 

detecting a network utilization milestone based on the aggregate volume of data 
transfer within the given time interval associated with the IP address relative to a 
threshold; 

changing the configuration of the network device to affect a characteristic 
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associated with access to the second network provided to the user. 

24. (currently amended) An apparatus facilitating the deployment of volume-based 
network policies across a first computer network, the first computer network comprising 
at least one traffic monitoring device operative to monitor the volume of network traffic 
generated by individual users, and at least one network control device operative to control 
access to a second computer network, comprising 

a user account database maintaining the respective aggregate volumes of data 
transfer corresponding to each user of a plurality of users; 

a data logging module operative to t oil. .. I Ui i gregate \ olu.me of data transfer 
within a given, time interval for the plurality of users collected data in the user account 
database , wherein, the given time interval, spans at least one week ; 

a network usage monitor operative to: 

scan the user account database to detect, for a first user in the plurality of 
users, a network utilization milestone reached by the first user based on the aggregate 
volume of data transfer associated with the first user in relation to a threshold and the 
given time interval, and 

modify the configuration of the network control device to affect a 
characteristic of access to the second computer network for the first user. 

25. (original) The apparatus of claim. 24 further comprising a user interface module 
operative to register new users and create corresponding user accounts in the user account 
database. 



26. (original) The apparatus of claim 25 wherein the apparatus, in response to registration 
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of a new user, is operative to modify the configuration, of the network control device to 
allow access to the second computer network for the new user. 



27. (currently amended) A system, facilitating the deployment of volume-based network 
policies across a first computer network, comprising 

a bandwidth management device operably connected to a communication path 
between the first computer network and a second computer network, 
wherein the bandwidth management device is operative to: 

monitor, for a first host in a plurality of hosts connected to the first network, 
the aggregate volume of network traffic generated by the first host over a given lime 
interval , wheigj : n the given and 

enforce bandwidth utilization controls associated with individual hosts on 
data flows generated, by the respective individual hosts; 
a user management server operative to: 

detect for the first user, a network utilization milestone based on the 
aggregate volume of data transfer in relation to a utilization threshold and the given time 
interval; and, 

in response to a network utilization milestone, change the configuration of 
the bandwidth management device to associate bandwidth utilization controls 
corresponding to the milestone with the first host. 

28. (original) The system of claim 27 wherein the bandwidth management device is 
operative to redirect data flows generated by unknown hosts on the first computer 
network to the user management server; and wherein user management server is 
operative to register unknown hosts and change the configuration of the bandwidth. 
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management device to associate the host with bandwidth utilization controls operative to 
permit access to the second network. 

29. (original) The system of claim 27 wherein the bandwidth utilization controls 
associated with the milestone are operative to deny access to the second computer 
network. 

30. (original) The system of claim 27 wherein the bandwidth utilization, controls 
associated with the milestone are operative to degrade access to the second computer 
network. 

31. (original) The system of claim 27 wherein the bandwidth management device is 
further operative identify network traffic types associated with data flows traversing the 
device; and wherein the user management server is operative to configure bandwidth 
utilization controls applicable to traffic types identified by the bandwidth management 
device. 

32. (original) The system of claim 27 wherein the bandwidth management device and the 
user management server reside on the same device. 

33. (new) The method of claim 1 wherein the given time interval spans one month. 

34. (new) The method of claim 11 wherein the given time interval spans one month. 

35. (new) The method of claim 23 wherein the given time interval spans one month. 
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36. (new) The apparatus of claim 24 wherein the given time interval spans one month. 

37, (new) The system of claim 27 wherein the given time interval spans one month. 
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